Interactive mode

[twcclegg]

Feature Request

Is your feature request related to a problem? Please describe.

It would be nice to have an interactive mode for use when cleaning up legacy repos.

Describe the solution you'd like

A flag somewhat akin to git add -p which would pause tartufo after each match, and after response to prompt continue the scan after reloading the tartufo.toml without having to start over.
A more advanced version could accept user input of to either update the tartufo.toml with the signature of a false positive or write out to a 'issue' file of real problems that need to be addressed.

Describe alternatives you've considered

Current strategy has been to abort tartufo after it's found a few issues, address them by hand, and then restart the scan

Teachability, Documentation, Adoption, Migration Strategy

example interface:

Reason: High Entropy
Filepath: Project/SomeFile.cs
Signature: fd1c9bfe7c636d7d17ee4ded238ae6ad8e026f6e5bd7b5e4582e33d1674b5fad
Commit time: 2009-03-26 01:07:17
Commit message: Some message
Commit hash: ee4a1261e697f28e096637c14c81e124876b055e
Branch: master
diff --git a/ Project/SomeFile.cs b/ Project/SomeFile.cs
index 5d9009f..7a219df 100644
--- a/ Project/SomeFile.cs
+++ b/ Project/SomeFile.cs
@@ -330,6 +330,22 @@ namespace Space
             if (String.Compare("Thing", value, true) != 0)
                 throw new Exception("Thing is not compatible with " + value);
         }
+        public bool IsSomething
+        {
+            get
+            {
+                return GetConfigValue("/some/sort/of/file/path/or.some.such") != "okay";
+            }
+            set
+            {
Mark signature as [f,i,c,q]?

Meanings:

• f - false positive (prompt for reason, add signature to exclusion list)
• i - real issue (prompt for reason and output to file)
• c - continue (reload tartufo.toml and continue)
• q - quit